grsecurity forums


https://forums.grsecurity.net./

strange problem with 2.4.19 grsec 1.9.6

https://forums.grsecurity.net./viewtopic.php?f=3&t=135

Page 1 of 1

strange problem with 2.4.19 grsec 1.9.6

PostPosted: Fri Sep 06, 2002 3:29 pm
by maroi
slack 8.1
kernel 2.4.19 + grsec 1.9.6
patching and other thing was fine
but on a first reboot on a new kernel
it stops on "freeing unused kernel memory.."
it waits,waits.... and nothing happens
I didn`t wait for longer than a minute.
my grsec options :
CONFIG_GRKERNSEC_PAX=y
CONFIG_GRKERNSEC_PAX_MPROTECT=y CONFIG_GRKERNSEC_PAX_RANDMMAP=y CONFIG_GRKERNSEC_PAX_RANDEXEC=y CONFIG_GRKERNSEC_KMEM=y
CONFIG_GRKERNSEC_KSYMS=y
CONFIG_GR_MAXTRIES=3
CONFIG_GR_TIMEOUT=30
CONFIG_GRKERNSEC_PROC=y
CONFIG_GRKERNSEC_PROC_USERGROUP=y
CONFIG_GRKERNSEC_PROC_GID=10
CONFIG_GRKERNSEC_PROC_ADD=y
CONFIG_GRKERNSEC_PROC_MEMMAP=y
CONFIG_GRKERNSEC_LINK=y
CONFIG_GRKERNSEC_FIFO=y
CONFIG_GRKERNSEC_CHROOT_CAPS=y
CONFIG_GRKERNSEC_AUDIT_MOUNT=y
CONFIG_GRKERNSEC_SIGNAL=y
CONFIG_GRKERNSEC_FORKFAIL=y
CONFIG_GRKERNSEC_TIME=y
CONFIG_GRKERNSEC_EXECVE=y
CONFIG_GRKERNSEC_DMESG=y
CONFIG_GRKERNSEC_RANDPID=y
CONFIG_GRKERNSEC_RANDID=y
CONFIG_GRKERNSEC_RANDSRC=y
CONFIG_GRKERNSEC_RANDRPC=y
CONFIG_GRKERNSEC_RANDBIND=y
CONFIG_GRKERNSEC_RANDPING=y
CONFIG_GRKERNSEC_FLOODTIME=30 CONFIG_GRKERNSEC_FLOODBURST=4

these are my options I`ve set , the rest of then are disabled
What`s wrong ?

Re: strange problem with 2.4.19 grsec 1.9.6

PostPosted: Fri Sep 06, 2002 7:09 pm
by PaX Team
maroi wrote:slack 8.1

what gcc version did you use? it's known that 2.96.something at least miscompiles the PaX code in mm.h (static inline with ifdefs). what definitely works is 2.95.3 and 3.2, i don't know the others. so could first give one of these versions a try?

Re

PostPosted: Fri Sep 06, 2002 8:12 pm
by maroi
And the worst thing of it is that the version of gcc is 2.95.3.
Now I really don`t know what to do :-?
My second chance could be disabling pax, but I are there any other ways ?

PostPosted: Sat Sep 07, 2002 11:20 am
by spender
have you tried using the newest cvs version of grsecurity yet?

-Brad

PostPosted: Sat Sep 07, 2002 2:49 pm
by maroi
spender wrote:have you tried using the newest cvs version of grsecurity yet?

No , I didn`t
but is it safe ?
coz some of the cvs versions could be unstable, am I right ?

PostPosted: Sat Sep 07, 2002 2:54 pm
by spender
if they are, it's only for a couple minutes. I do things a bit differently than other projects...the current CVS will always work, as it's the one I'm always running. If I do any major changes I make them locally, and then commit when working chunks are completed.

-Brad

PostPosted: Sat Sep 07, 2002 3:52 pm
by maroi
ok fine.
so use the latest development version of grsecurity
or the latest cvs ?
and how I can get that latest cvs version (I never used cvs before)

PostPosted: Sat Sep 07, 2002 3:56 pm
by spender
instructions on how to generate a patch from the current cvs version is available on http://grsecurity.net/cvs.php
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/